Are Phishing Attacks a Security Threat to Small and Mid-Size Organizations?
SWC specializes in partnering with mid-market organizations to address business challenges and help them achieve success. Working closely with these organizations across industries, we keep an eye out for prevailing trends. One of the most pervasive trends we’ve seen in recent years is that, despite the growing threat of phishing attacks across all markets, small and mid-size organizations do not view themselves as targets to these threats.
That is… until they are breached.
We decided to investigate the belief that hackers are not targeting smaller companies and see if it holds true at a larger scale, beyond the conversations we are having with our clients. Here’s what we found:
While larger organizations are reporting higher total numbers of security incidents, smaller organizations have less success fending them off without data loss.
Verizon’s 2015 Data Breach Investigation Report
At first glance, it appears that smaller organizations are less likely to be attacked. However, the smaller businesses are reporting significantly more data loss than larger organizations. How could this be? The answer could lie in the fact that the data from this study is self-reported, meaning it’s possible that small businesses experienced many more security incidents than they reported in this study. Unfortunately, it wasn’t until they had already lost their data that they realized they had been breached.
Perhaps it isn’t that smaller organizations are less of a target, it’s that they are unable to register these incidents as a threat until it is far too late!
While data breaches in larger companies like Sony and Target make headlines, hackers are quietly exploiting companies of all sizes every day. Advancements in technology open up new methods to exploit weaknesses, making these attacks relatively low-cost and low-risk to execute. Since most smaller organizations aren’t paying attention, it’s easy to use the same methods over and over to cast a wide net. A hacker is not concerned with who they are attacking, they just care about the profit on the other end. And thousands of small breaches every day could amount to massive profits for them.
So what is your company’s biggest security weakness? Many organizations are surprised to learn it’s their users. Studies show that 90% of cyber-attacks start with a phishing email. What’s more alarming is that 97% of users can’t spot a phishing email when they see one. If you think you aren’t a target, think again!
Phishing for an Unwitting Accomplice: The Weakest Link in Your Cyber Security
Our latest whitepaper takes an in-depth look at the risks your users present to your security and some effective steps that your organization can start planning today to prevent these threats. Download our security white paper to uncover some of today’s most interesting security trends:
- Phishing Attacks and Your Users
- Cyber Threats for Small and Mid-Size Companies
- Steps You Can Take to Protect Your Data